Why are you doing these things via a session variable?
Why are you getting the news ID from $_SESSION and not $_GET ?
have you tried echoing out the SQL statements to see if variables are being set as expected?
Why are you doing these things via a session variable?
Why are you getting the news ID from $_SESSION and not $_GET ?
have you tried echoing out the SQL statements to see if variables are being set as expected?
Last edited by Raz316; 10-04-2013 at 11:43 AM.
i think for a particular user to store their information session is more secure.thats y i am using session.
i removed session and changed my code like below:
<?php
include('connection.php');
if(isset($_GET['id']))
{
$id=$_GET['id'];
$query1=mysql_query("delete from news where id='$id'");
if($query1)
{
header('location:news_list.php');
}
}
?>
bt still it is not working.
wht is the problem.
i am doing php course at g.tech.
this is a website for 1 company.after finishing it will appear n internet.
So you've completed a course, and now you're making a website for someone? Or making this website as part of the course?
These guys?
http://www.gteceducation.com/coursefinder.php
Was trying to find a syllabus to see which methods they teach.
throw new ArgumentException (String, String, Exception)
I so want to walk away from this, as you will be lethal if this ever gets on the Internet.
So things suggested:
1) commenting out a form will stop it working.
2) putting the GET value into a session and then using it isn't secure. At all.
3) for all that is sane and sensible stop straight away fixing it, and get some SQL injection protection as detailed.
4) try as I am other have said, output the sql that's to be run, and try by hand.
I would love to say that this will protect you but from what I've seen I've no faith you'll use it correctly.
Oh and the SQL Injection certainly won't solve your problem.
http://www.gteceducation.com/course_details.php?id=353
It's a very detailed course
Hello sir,
i am a beginner in php.that's y am asking these silly doubts.
please help me to find out the error in my code?
In the nicest possible way (which isn't that nice I'm afraid) no, I will not help you.
If this is part of your course, you've clearly not picked up enough knowledge during said course to be able to complete what is required. Helping you "fix" what you've made will not help you at all, it will not help you understand what you're doing.
If you get little or no support from GTech, I suggest you do some of your own learning outside of the course first, try something like this - http://www.freewebmasterhelp.com/tutorials/phpmysql/
i removed comment of the form.
<div align="center" style="width:50px; height:auto; float:left;border:solid 1px #DCDCDC;"><a href="news_delete.php?id=$id">delete</a></div>
removed ?id=$id from a href.now the connection is moving to news_delete.php.bt cannt delete the value.
Please try item 4 in my reply above.
I executed the code in sql.it is deleting data from database.but still now it is not working with html form.
There are currently 1 users browsing this thread. (0 members and 1 guests)